SSL

Update your Mac NOW: Apple fixes OS X 'goto fail' SSL spying vuln

Guys, Patch Tuesday is for Microsoft and Adobe, this should have been Patch Friday

Security25 Feb 2014 | 38

Collective SSL FAIL a symptom of software's cultural malaise

Apple, WhatsApp and Belkin show that if you ask for bad software, you get bad software

Software23 Feb 2014 | 58

Apple Safari, Mail and more hit by SSL spying bug on OS X, fix 'soon'

iMessage, Facetime, Twitter and others blown apart by Apple's cert check cock-up

Security23 Feb 2014 | 32

Update your iThings NOW: Apple splats scary SSL snooping bug in iOS

Updated² OS X Mavericks still VULNERABLE, millions at risk of web hijacking

Security21 Feb 2014 | 50

French gov used fake Google certificate to read its workers' traffic

Liberté, égalité ... invisibilité: Homme-dans-l'intermédiaire snooping at treasury dept

Security10 Dec 2013 | 49

Yahoo! To! Switch! On! Webmail! Crypto! By! Default! Next! Year!

Never mind NSA backdoors, Purple Palace has got your back

Security15 Oct 2013 | 10

American Fantasy Football app lets hackers change team rosters

Yahoo! applies SSL to lock down insecure mobile gridiron game

Security06 Sep 2013 | 1

Now we know why UK spooks simply shrugged at SSL encryption

Analysis HTTPS thwarting spies, web filters? They already had ways of breaking the code

Legal06 Sep 2013 | 94

Reports: NSA has compromised most internet encryption

There goes the neighborhood

Security05 Sep 2013 | 194

NASA: Full details on our manned ASTEROID SNATCH mission

Video If Congress will fund it, that is

Science27 Aug 2013 | 46

Admins warned: Drill SSL knowledge into your Chrome users

Google research finds whopping SSL click-through rates

Security10 Aug 2013 | 44

Step into the BREACH: HTTPS encrypted web cracked in 30 seconds

Black Hat 2013 Online banking, webmail, shopping hacked and slurped in new crypto attack

Security02 Aug 2013 | 20

Facebook: 'Don't worry, your posts are SECURE with us'

Never mind PRISM, you've got HTTPS by default

Security01 Aug 2013 | 25

Tumblr's iOS fix for clear-text password login howler was WEEKS LATE

Fanbois, stop snapping pics of your dinner and update

Security17 Jul 2013 | 5

D'OH! Use Tumblr on iPhone or iPad, give your password to the WORLD

Exclusive World+Cat in this case. Should call it 'Spaffr'

Security17 Jul 2013 | 33

A simple SSL tweak could protect you from GCHQ/NSA snooping

It might slow you down, but hey, you can't have everything

Security26 Jun 2013 | 73

Google to double encryption key lengths for SSL certs by year's end

2048-bit keys will be the norm

Security23 May 2013 | 13

Security damn well IS a dirty word, actually

Sysadmin blog Wash your mouth out with TLS 1.2

On-Prem26 Mar 2013 | 34

HTTPS cookie crypto CRUMBLES AGAIN in hands of stats boffins

Keep calm and carry on ciphering with RC4 - for now

Security15 Mar 2013 | 8

Microsoft coughs up compensation for Azure cloud cock-up

Embarrassing SSL cert snafu probe launched

SaaS25 Feb 2013 | 18

Browser makers rush to block fake Google.com security cert

Turkish authority's goof could compromise data

Security04 Jan 2013 | 41

Companies House website security 'a bit of a mess'

Nerve centre of British business open to scams

Security28 Nov 2012 | 6

So you broke our encrypted files? Ha! They were DOUBLY encrypted

Even if they steal the cloud, they can't get the rain out

Security15 Nov 2012 | 37

Android apps get SSL wrong, expose personal data

Researchers find 1,000 insecure apps, pinch credit card and other data

Applications21 Oct 2012 | 39

One year on, SSL servers STILL cower before the BEAST

70% of sites still vulnerable to cookie monster

Security18 Oct 2012 | 5

Microsoft: 'Update your security certs this month – or else'

October update to block sites using weak crypto

OSes07 Sep 2012 | 25

SSL BEASTie boys develop follow-up 'CRIME' web attack

Ill Communication

Security07 Sep 2012 | 5

Cyberoam pushes fix for SSL vuln

Users’ snooped packets safe again

Security09 Jul 2012 | 2

Security firm in Tor Project 'mass surveillance' row responds

'We accept or reject, we do not store'

Security07 Jul 2012 | 28

Elgamal, Marlinspike join dream team tackling SSL screw-ups

Infosec 2012 Security superheroes turn e-commerce Avengers

Security27 Apr 2012 | 2

MI5 stinks up website with dead SSL certificate

Secret policeman's balls-up

Security16 Apr 2012 | 20

'Predictably random' public keys can be cracked - crypto boffins

Analysis Battling researchers argue over whether you should panic

Security16 Feb 2012 | 21

Twitter finally grabs wheel, drives all twits into HTTPS

Cafe Wi-Fi tweeting protected from sniffing hackers

Legal14 Feb 2012 | 7

Iran draws veil over secure internet access

Tor needs help to beat censorship

Legal10 Feb 2012 | 45

Trustwave admits crafting SSL snooping certificate

Allowing bosses to spy on staff was wrong, says security biz

Security09 Feb 2012 | 21

Chrome to weed out dodgy website SSL certificates by itself

Ditched online checks like 'seat belt that snaps when you crash'

Security08 Feb 2012 | 25

LinkedIn offers MORE SECURE hobnobbing option

Social-network-for-suits finally gets some SSL love

Legal08 Feb 2012 | 10

Marlinspike asks browser vendors to back SSL-validator

Analysis 'Convergence' open source dev needs vendors to balance the load

Security08 Feb 2012 | 6

Verisign admits 2010 hack attack, mum on what was nicked

SEC filing shows BOFH cover-up

Security02 Feb 2012 | 13

BEAST SSL fix in supersized Patch Tuesday

Microsoft's 2012 kick-off features 7 security bulletins

Software06 Jan 2012 | 6

Security mandates aim to shore up shattered SSL system

Too little, too late

Security17 Dec 2011 | 27

Digital certificate authority suspends ops following breach

Hackers access database, gain control over website

Security08 Dec 2011 | 9

Google researchers propose fix for ailing SSL system

Changes would overhaul net's foundation of trust

Security29 Nov 2011 | 29

Google mail crypto tweak makes eavesdropping harder

'Forward secrecy' protects data for the long term

Security22 Nov 2011 | 7

Certificate stolen from Malaysian gov used to sign malware

Security warnings bypassed

Security14 Nov 2011 | 4

SSL authority stops issuing certificates following breach

Here we go again

Security04 Nov 2011 | 18

Web credential authority rebuked for 'poor' security

Digicert Malaysia banished from Chrome, IE, Firefox

Security03 Nov 2011 | 5

(At least) 4 web authentication authorities breached since June

SSL security chain as good a broken

Security27 Oct 2011 | 16

Tool lets low-end PC crash much more powerful webserver

Denial-of-service attack targets SSL

Security24 Oct 2011 | 7

Google adds default end-to-end encryption to search

SSL omissions of Yahoo and Bing remain

Security19 Oct 2011 | 24

Oracle updates Java to stop SSL-chewing BEAST

Framework declared safe for Firefox

Security19 Oct 2011 | 11

Citrix pushes the pedal on NetScaler appliance metal

2,048-bit SSL coprocessor nitro

Channel10 Oct 2011 |

Qualys endorses alternative to crappy SSL system

Moxie Marlinspike's Convergence gets show of support

Security30 Sep 2011 | 8

World takes notice as SSL-chewing BEAST is unleashed

Google, Microsoft, Mozilla patch cracks in net's foundation of trust

Security27 Sep 2011 | 15

Experts suggest SSL changes to keep BEAST at bay

Google protected. PayPal? Not so much

Security23 Sep 2011 | 8

Google preps Chrome fix to slay SSL-attacking BEAST

20-line patch targets plaintext recovery exploit

Security21 Sep 2011 | 7